The purpose of this standard is to improve the security of ASU web applications by addressing threat modeling and security testing, web application criticality and the associated review process, the web application sign-off/approval process and recommended guidelines.